PT-2007-2927 · Microsoft+1 · Windows+1

Published: 2007-03-20 · Updated: 2024-08-07 · CVE-2007-1538

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: McAfee VirusScan Enterprise version 8.5.0.i

Description: The software uses insecure permissions for certain Windows Registry keys, allowing local users to bypass local password protection via the UIP value in "HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection" or "HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion". However, this issue has been disputed by third-party researchers, who claim that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE do not allow for write access and the product does not modify the inherited permissions, suggesting a possible interaction error with another product.

Recommendations: For McAfee VirusScan Enterprise version 8.5.0.i, consider restricting access to the vulnerable Windows Registry keys as a temporary workaround until a patch is available. Additionally, review the product's configuration and permissions to ensure they are set correctly to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
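
To check on a given host whether the condition described above is actually present, the following added example (not part of the original advisory or of any vendor tooling) lists allow-ACEs on the two keys that grant write-type rights to principals outside a trusted set, and shows whether each ACE is inherited, which is the point the dispute turns on. The function name Get-WeakRegistryAce and the trusted-principal list are assumptions to adapt to local policy.

```powershell
# Added example: audit write access on the registry keys named in the advisory.
$keys = @(
    'HKLM:\SOFTWARE\McAfee\DesktopProtection',
    'HKLM:\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion'
)

# Rights that allow changing the UIP value, or rewriting the key's ACL/owner.
$specific = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'
# Inherit-only ACEs often carry generic bits instead (GENERIC_WRITE | GENERIC_ALL).
$writeMask = [int]$specific -bor 0x50000000

# Assumption: principals that are expected to hold write access on this host.
$trusted = @(
    'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
    'CREATOR OWNER', 'NT SERVICE\TrustedInstaller'
)

function Get-WeakRegistryAce {
    param([string[]]$Path, [string[]]$TrustedPrincipal, [int]$Mask)
    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) {
            Write-Verbose "Key not present: $p"
            continue
        }
        # Record whether the UIP value exists under this key at all.
        $hasUip = (Get-Item -LiteralPath $p).GetValueNames() -contains 'UIP'
        foreach ($ace in (Get-Acl -LiteralPath $p).Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($TrustedPrincipal -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.RegistryRights -band $Mask) -eq 0) { continue }
            [pscustomobject]@{
                Key        = $p
                HasUip     = $hasUip
                Principal  = $ace.IdentityReference.Value
                Rights     = $ace.RegistryRights
                # Inherited = came from a parent key; explicit = set on this key.
                Inherited  = $ace.IsInherited
            }
        }
    }
}

Get-WeakRegistryAce -Path $keys -TrustedPrincipal $trusted -Mask $writeMask |
    Format-Table -AutoSize
```

No output means no untrusted principal holds write-type access on either key, which matches the third-party researchers' position. An explicit (non-inherited) ACE in the output indicates that something on the host changed the key's permissions.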

Related Identifiers

CVE-2007-1538

Affected Products

McAfee VirusScan Enterprise
Windows